mirror of
https://github.com/librenms/librenms.git
synced 2024-10-07 16:52:45 +00:00
security: Escape sql credentials during install (#7494)
This commit is contained in:
committed by
Neil Lathwood
parent
6e379bfbbd
commit
96ccc49026
@@ -44,7 +44,7 @@ $cmd = $config['install_dir'] . '/build-base.php -l';
|
||||
|
||||
foreach ($db_vars as $var => $opt) {
|
||||
if ($_SESSION[$var]) {
|
||||
$cmd .= " -$opt {$_SESSION[$var]}";
|
||||
$cmd .= " -$opt " . escapeshellarg($_SESSION[$var]);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user